This privacy policy clarifies the nature, scope and purpose of the processing of personal data (hereinafter referred to as “data”) within our online offer and the associated websites, functions and content.(hereinafter collectively referred to as “online offer”). With regard to the terms used, such as “processing” or “controller”, we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

GERKEN GmbH
In der Steele 13
40599 Düsseldorf

Chief Executive Officer:
Christian Gerken, Markus Liffers

Phone number: 0211 97476-0
E-Mail: info@gerken.eu

In accordance with the statutory provisions, we have appointed a data protection officer. If you have any questions regarding the processing of your personal data, you can contact him directly:

To the data protection officer,
GERKEN GmbH
In der Steele 13
40599 Düsseldorf

E-Mail: dsb@gerken-arbeitsbuehnen.de

We only process users' personal data in compliance with the relevant data protection regulations. This means that user data will only be processed if we have legal permission to do so. This means, in particular, if the data processing is necessary for the provision of contractual services (e.g. processing of orders) and online services, or is required by law, if the user has given consent, as well as on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation and security of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR, or until the validity of the GDPR on the basis of Art. 15 para. 1 lit. f. GDPR). GDPR, or until the GDPR comes into force on the basis of Section 15 (3) TMG), in particular in measuring reach, creating profiles for advertising and marketing purposes, collecting access data and using the services of third-party providers.

With regard to the processing of personal data on the basis of the Data Protection Regulation (GDPR) applicable from May 25, 2018, we would like to point out that the legal basis for consent is Art. 6 para. 1 lit. a and Art. 7 GDPR, the legal basis for processing to fulfill our services and carry out contractual measures is Art. 6 para. 1 lit. b GDPR, the legal basis for processing to fulfill our legal obligations is Art. 6 para. 1 lit. c GDPR, and the legal basis for processing to safeguard our legitimate interests is Art. 6 para. 1 lit. f GDPR.

We take organizational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of data protection laws are complied with and to protect the data processed by us against accidental or intentional manipulation, loss, destruction or access by unauthorized persons.

The security measures include, in particular, the encrypted transmission of data between your browser and our server. For this purpose, the website uses SSL or TLS encryption with the help of a valid certificate.

• Users have a right of access to the personal data concerning them that is processed by the controller (Art. 15 GDPR),
• Users have the right to rectification of data concerning them if it is stored incorrectly or incompletely (Art. 16 GDPR)
• Users have the right to erasure (Art. 17 GDPR),
• Users have the right to request the restriction of the processing of their personal data (Art. 18 GDPR)
• Users have the right to data portability (Art. 20 GDPR)
• Users have the right to object to the processing of personal data concerning them (Art. 21 GDPR)
• Users have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them (Art. 22 GDPR)
• Users have the right to lodge a complaint with the competent supervisory authority in the event of a suspected breach of data protection law (Art. 77 GDPR). The competent supervisory authority is the supervisory authority at your usual place of residence, workplace or at the place of the suspected infringement. The following link provides a list of data protection officers and their contact details: www.bfdi.bund.de/EN/Infothek/Anschriften_Links/anschriften_links-node.html.

If you only use this website to obtain information and do not provide any data, we will only process the data required to display the website on the internet-enabled device you are using. These are in particular:

• IP address
• Date and time of the request
• the amount of data transferred in each case
• the website from which the request comes
• Browser type and browser version
• operating system

The legal basis for the processing of this data is legitimate interests in accordance with Art. 6 para. 1 subpara. 1 letter f) GDPR in order to enable the website to be displayed.

In addition, you can use various services on the website for which further personal and non-personal data is processed.

This website uses Google Analytics, a web analytics service provided by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. For this purpose, Google places cookies on your device. These enable website usage to be analyzed.
The information collected is usually transmitted to a Google server in the USA and recorded there - including the IP address. Google Analytics is set so that IP addresses are only stored in anonymized form. Due to this setting, Google shortens the IP addresses collected within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before storing them.
Google uses the information collected to evaluate the use of the websites and to compile corresponding reports. Google Analytics is set so that the data is deleted within 14 months of its creation.

The data is processed on the basis of Art. 6 para. 1 subpara. 1 letter f) GDPR with the legitimate interest in improving this website offer.

The setting of the analytics cookie can be prevented by setting the browser to reject all cookies. However, this may impair the usability of this website. The collection of data by Google can also be prevented by installing the following browser plug-in: tools.google.com/dlpage/gaoptout. The collection of data by Google Analytics can also be prevented by clicking on the following link. This sets a corresponding opt-out cookie: Deactivate data collection by Google Analytics for this website. ()

You can find more information about Google's data protection at: www.google.com/intl/en/analytics/privacyoverview.html.

When contacting us via contact form or e-mail (unencrypted), the user's details are processed for the following purposes:

• To process the contact request and its handling;
• To support our internal business purposes, namely data analyses, revisions, development of new products, improvement of this website, improvement of our services, identification of usage trends and determination of the effectiveness of our advertising campaigns (however, this use takes place without personal reference, i.e. only in anonymized form);
• To prevent possible abuses or risks to the interests of other users or our interests on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR.
• For confidential messages to us, please use the postal service for your security.

User data may be stored in our Customer Relationship Management System (“CRM System”).

This website uses Google AdWords. AdWords is an online advertising program of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).

As part of Google AdWords, we use what is known as conversion tracking. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the Internet browser stores on the user's computer. These cookies lose their validity after 30 days and are not used to personally identify the user. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page.

Each Google AdWords customer receives a different cookie. The cookies cannot be tracked via the websites of AdWords customers. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. If you do not wish to participate in tracking, you can object to this use by easily deactivating the Google Conversion Tracking cookie via your Internet browser under user settings. You will then not be included in the conversion tracking statistics.

The storage of “conversion cookies” takes place on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.

You can find more information about Google AdWords and Google Conversion Tracking in Google's privacy policy: www.google.com/policies/privacy/.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

The data used for our customer newsletter is processed exclusively on the basis of an existing customer relationship with a company of the GERKEN Group (Art. 6 para. 1 lit. f GDPR). You can revoke the use of the stored data for sending the GERKEN Group newsletter at any time, for example via the “unsubscribe” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

The data stored by us will be stored by us until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for maintaining the business relationship) remain unaffected by this.

Our website uses plugins from the Google-operated YouTube site. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.

When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited.

If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

The use of YouTube is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

Further information on the handling of user data can be found in YouTube's privacy policy at: www.google.com/intl/en/policies/privacy.

We process our customers' data as part of the ordering process in our online store in order to enable them to select and order the selected products and services, as well as their payment and delivery or execution.

The processed data includes inventory data, communication data, contract data, payment data and the data subjects include our customers, interested parties and other business partners. The processing is carried out for the purpose of providing contractual services in the context of operating an online store, billing, delivery and customer services. We use session cookies to store the contents of the shopping cart and permanent cookies to store the login status.

The processing is carried out on the basis of Art. 6 para. 1 lit. b (execution of order processes) and c (legally required archiving) GDPR. The information marked as necessary is required to justify and fulfill the contract. We only disclose the data to third parties in the context of delivery, payment or within the scope of legal permissions and obligations towards legal advisors and authorities. The data will only be processed in third countries if this is necessary for the fulfillment of the contract (e.g. at the customer's request for delivery or payment).

Users can optionally create a user account in which they can view their orders in particular. As part of the registration process, users are provided with the required mandatory information. The user accounts are not public and cannot be indexed by search engines. If users have terminated their user account, their data will be deleted with regard to the user account, subject to their retention is necessary for commercial or tax law reasons in accordance with Art. 6 para. 1 lit. c GDPR. Information in the customer account remains until its deletion with subsequent archiving in the event of a legal obligation. It is the responsibility of users to back up their data before the end of the contract in the event of termination.

The deletion takes place after the expiry of statutory warranty and comparable obligations, the necessity of storing the data is reviewed every three years; in the case of statutory archiving obligations, the deletion takes place after their expiry (end of commercial law (6 years) and tax law (10 years) retention obligation); information in the customer account remains until its deletion.

If we make advance payments (e.g. when purchasing on account), we reserve the right to obtain identity and creditworthiness information for the purpose of assessing the credit risk on the basis of mathematical-statistical procedures from specialized service companies (credit agencies) in order to safeguard our legitimate interests.

As part of the credit report, we transmit the following personal data of the customer (name, postal address, date of birth, information on the type of contract, bank details [please specify further data if necessary]) to the following credit agencies: Creditreform Düsseldorf / Neuss Roumen, Waterkamp & Coll. KG Heesenstr. 65 D-40549 Düsseldorf Data protection information: www.creditreform.de/duesseldorf/datenschutz​​​​​​​

​​​​​​​

We process the information received from the credit agencies on the statistical probability of a payment default as part of an appropriate discretionary decision on the establishment, execution and termination of the contractual relationship. We reserve the right to refuse payment on account or any other advance payment in the event of a negative result of the credit check.

If we obtain express consent from you, the legal basis for the credit report and the transmission of the customer's data to the credit agencies is consent pursuant to Art. 6 para. 1 lit. a, 7 GDPR. If no consent is obtained, our legitimate interests in the security of your payment claim are the legal basis in accordance with Art. 6 para. 1 lit. f. GDPR.

In order to operate our business economically and to identify market trends, customer and user requirements, we analyze the data we have on business transactions, contracts, inquiries, etc. In doing so, we process inventory data, communication data, contract data, payment data, usage data, metadata on the basis of Art. 6 para. 1 lit. f. GDPR. GDPR, whereby the data subjects include customers, interested parties, business partners, visitors and users of the online offer. The analyses are carried out for the purpose of business evaluations, marketing and market research. In doing so, we can take into account the profiles of registered users with information on their purchase transactions, for example. The analyses help us to increase user-friendliness, optimize our offer and improve business efficiency. The analyses serve us alone and are not disclosed externally, unless they are anonymous analyses with summarized values.

If these analyses or profiles are personal, they will be deleted or anonymized upon termination by the user, otherwise after two years from the conclusion of the contract. Otherwise, the overall business analyses and general trend determinations are created anonymously where possible.

When contacting us (via contact form or e-mail), the user's details are processed to process the contact request and its handling in accordance with Art. 6 para. 1 lit. b) GDPR.

User data may be stored in our Customer Relationship Management System (“CRM System”) or comparable inquiry organization.

We delete the requests if they are no longer required. We review the necessity every two years; we store inquiries from customers who have a customer account permanently and refer to the information on the customer account for deletion. Furthermore, the statutory archiving obligations apply.

On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR), we use the marketing and remarketing services (“Google Marketing Services”) of Google LLC. GDPR) the marketing and remarketing services (“Google Marketing Services” for short) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”).

Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google marketing services allow us to display advertisements for and on our website in a more targeted manner in order to present users only with advertisements that potentially match their interests. If, for example, a user is shown ads for products that they have shown an interest in on other websites, this is referred to as “remarketing”. For these purposes, when our and other websites on which Google marketing services are active are accessed, a code from Google is executed directly by Google and so-called (re)marketing tags (invisible graphics or code, also known as “web beacons”) are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user's device (comparable technologies can also be used instead of cookies). The cookies can be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. This file records which websites the user has visited, what content they are interested in and which offers they have clicked on, as well as technical information about the browser and operating system, referring websites, time of visit and other information about the use of the online offer. The IP address of the user is also recorded, whereby we inform you in the context of Google Analytics that the IP address is shortened within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and only in exceptional cases is it transmitted in full to a Google server in the USA and shortened there. The IP address is not merged with the user's data within other Google offers. Google may also combine the aforementioned information with such information from other sources. If the user subsequently visits other websites, they can be shown ads tailored to their interests.

User data is processed pseudonymously as part of Google marketing services. This means that Google does not store and process the user's name or email address, for example, but processes the relevant data in relation to cookies within pseudonymous user profiles. This means that, from Google's perspective, the ads are not managed and displayed for a specifically identified person, but for the cookie owner, regardless of who this cookie owner is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymization. The information collected by Google marketing services about users is transmitted to Google and stored on Google's servers in the USA.

The Google marketing services we use include the online advertising program “Google AdWords”. In the case of Google AdWords, each AdWords customer receives a different “conversion cookie”. Cookies can therefore not be tracked via the websites of AdWords customers. The information collected with the help of the cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers find out the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.

We can integrate third-party advertisements on the basis of the Google marketing service “DoubleClick”. DoubleClick uses cookies to enable Google and its partner websites to serve ads based on users' visits to this website or other websites on the Internet.

We can integrate third-party advertisements on the basis of the Google marketing service “AdSense”. AdSense uses cookies to enable Google and its partner websites to serve ads based on users' visits to this website or other websites on the Internet.

We can also use the “Google Optimizer” service. Google Optimizer allows us to track the effects of various changes to a website (e.g. changes to input fields, design, etc.) as part of so-called “A/B testing”. Cookies are stored on users' devices for these test purposes. Only pseudonymous user data is processed.

We may also use the “Google Tag Manager” to integrate and manage Google analysis and marketing services on our website.

You can find more information on the use of data for marketing purposes by Google on the overview page: https://policies.google.com/technologies/ads, Google's privacy policy is available at https://adssettings.google.com/authenticated.

We use means of remote communication, such as post, telephone or email, for business transactions and marketing purposes. In doing so, we process inventory data, address and contact data as well as contract data of customers, participants, interested parties and communication partners.

The processing is carried out on the basis of Art. 6 para. 1 lit. a, Art. 7 GDPR, Art. 6 para. 1 lit. f GDPR in conjunction with legal requirements for advertising communications. Contact is only made with the consent of the contact partners or within the scope of the legal permissions and the processed data will be deleted as soon as they are no longer required and otherwise with objection/revocation or discontinuation of the authorization basis or legal archiving obligations.

We have commissioned BS PAYONE GmbH, Fraunhoferstraße 2-4, 24118 Kiel, Germany, to process payments (PayPal and credit card). For this purpose, BS PAYONE GmbH requires, among other things, your name and address, as well as the credit card number (including validity period), invoice amount and currency, and the transaction number.

BS PAYONE GmbH may use this information for the purpose of payment processing and pass it on to us. PAYONE is obliged to treat the information in accordance with German data protection laws. You can view the data protection provisions of PAYONE GmbH at www.payone.de/datenschutz/.

We have concluded a contract with PAYONE for commissioned data processing and fully implement the strict requirements of the German data protection authorities when using PAYONE.

On our website, we offer payment via PayPal via PAYONE. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as “PayPal”).

If you select payment via PayPal, the payment data you enter will be transmitted to PayPal.

The transmission of your data to PayPal is based on Art. 6 para. 1 lit. a GDPR (consent) and Art. 6 para. 1 lit. b GDPR (processing for the performance of a contract). You have the option of withdrawing your consent to data processing at any time. A revocation does not affect the effectiveness of data processing operations in the past.